Question 1

If,when obtaining an understanding of control activities of a relatively small client,the auditor identified no control activities,the auditor would probably set a high assessment of control risk.

Accepted Answer

If there are no control activities, it is likely that there is a higher risk of misstatement or fraud occurring in the financial statements, which would lead the auditor to set a higher assessment of control risk.

Question 2

Describe three computer auditing techniques available to the auditor.

Accepted Answer

The answer of Describe three computer auditing techniques available to...

Question 3

The embedded audit module approach requires the auditor to insert an audit module in the client's application system to to identify specific types of transactions.

Accepted Answer

The statement is true. The embedded audit module approach involves inserting an audit module within the client's application system to identify specific types of transactions that require auditing. This helps in ensuring that the audit trail is complete and accurate, as well as in identifying any potential fraud or errors.

Question 4

Parallel simulation is used primarily to test internal controls over the client's IT systems,whereas the test data approach is used primarily for substantive testing.

Accepted Answer

The statement is incorrect. Parallel simulation and test data approach can both be used for either internal control testing or substantive testing, depending on the auditor's objectives and the nature of the IT systems being tested.

Question 5

In an audit of a nonpublic company,the less control risk there is,the smaller the amount of planned substantive evidence that is required.

Accepted Answer

This statement is true. When there is less control risk, it means that the company's internal controls are effective and reliable. This reduces the auditor's need to rely on substantive procedures to detect material misstatements in the financial statements. Therefore, the amount of planned substantive evidence required would be smaller in such an audit.

Question 6

Auditing by testing automated internal controls and account balances electronically,generally because effective general controls exist,is known as
A)auditing through the computer.
B)auditing around the computer.
C)embedded audit module approach.
D)parallel simulation testing.

Accepted Answer

Auditing by testing automated internal controls and account balances electronically is known as auditing through the computer. This approach is used when effective general controls exist that support the accuracy and reliability of computer-generated data, and allows auditors to efficiently and effectively test large volumes of data. The other options, auditing around the computer, embedded audit module approach, and parallel simulation testing, do not describe this specific approach.

Question 7

The objective of the test data approach is to determine whether the client's computer programs can correctly process valid and invalid transactions.

Accepted Answer

The objective of the test data approach is to determine whether the client's computer programs can correctly process both valid and invalid transactions.

Question 8

The auditor obtains a sufficient understanding of internal control to assess the risk of material misstatement at the overall financial statement level and at the relevant assertion level.

Accepted Answer

This statement is true. Obtaining an understanding of internal control is a crucial step in the audit process as it allows the auditor to assess the risk of material misstatement and determine the nature and extent of further audit procedures needed.

Question 9

The auditor's objective in determining whether the client's computer program correctly processes valid and invalid transactions is accomplished through the
A)test data approach.
B)generalized audit software approach.
C)microcomputer-aided auditing approach.
D)generally accepted auditing standards.

Accepted Answer

The auditor's objective in determining whether the client's computer program correctly processes valid and invalid transactions is accomplished through the test data approach, where the auditor uses fictitious data to test the system's ability to correctly process various types of transactions. The other options listed are also relevant to auditing computer systems, but they do not specifically address the objective of testing the system's ability to process transactions correctly.

Question 10

When using the test data approach,
A)auditors process test data supplied by the client.
B)auditors often obtain assistance from a computer audit specialist.
C)the tests must be performed at the end of the year.
D)the test data must remain in the client's records.

Accepted Answer

The test data approach involves creating fictitious transactions that are processed through the client's system in order to test the system's controls. These tests are often complex and require specialized skills, so auditors may obtain assistance from a computer audit specialist. The timing of the tests may vary but they are typically performed during the audit period, not necessarily at the end of the year. The client does not need to retain the test data in their records once the audit is complete.

Question 11

Which of the following computer-assisted auditing techniques inserts an audit module in the client's application system to identify specific types of transactions?
A)parallel simulation testing
B)test data approach
C)embedded audit module
D)generalized audit software testing

Accepted Answer

The technique that inserts an audit module in the client's application system to identify specific types of transactions is known as embedded audit module. Therefore, the correct answer is option C. Option A is incorrect because parallel simulation testing involves processing test data through a copy of the client's system. Option B is incorrect because test data approach involves creating fictitious data to test the application system. Option D is incorrect because generalized audit software testing involves processing data through generalized audit software rather than the client's application system.

Question 12

A company's size should have no impact on the nature of internal control and the controls that are implemented.

Accepted Answer

The size of a company can impact the nature of internal control and the controls that are implemented. Larger companies may require more complex controls due to the scale and diversity of their operations, while smaller companies may have simpler controls but still need to ensure effective separation of duties and other basic controls. Additionally, smaller companies may have resource constraints that limit their ability to implement certain controls.

Question 13

Auditors often use Generalized Audit Software during their testing of a client's internal controls.For the following uses of the software provide a description and an example.
Verify extensions and footings
Print confirmation requests
Compare data on separate files

Accepted Answer

The answer of Auditors often use Generalized Audit Software during...

Question 14

The procedures used to gain an understanding of internal control do not vary from client to client.

Accepted Answer

The procedures used to gain an understanding of internal control can vary from client to client depending on the nature of the organization, its size, and the complexity of its processes. The auditor needs to tailor their procedures to the specific circumstances of each client in order to obtain sufficient and appropriate evidence.

Question 15

Control risk is generally set at minimum for most private companies.

Accepted Answer

Control risk is not always set at minimum for most private companies as it depends on factors such as the nature of the business and the industry in which it operates. Some companies may prioritize control risk and implement stricter measures, while others may have a more relaxed approach.

Question 16

Which of the following best describes the test data approach?
A)Auditors process their own test data using the client's computer system and application program.
B)Auditors process their own test data using their own computers that simulate the client's computer system.
C)Auditors use auditor-controlled software to do the same operations that the client's software does,using the same data files.
D)Auditors use client-controlled software to do the same operations that the client's software does,using auditor created data files.

Accepted Answer

The answer of Which of the following best describes the...

Question 17

Discuss the advantages and benefits of using generalized audit software.

Accepted Answer

The answer of Discuss the advantages and benefits of using...

Question 18

Which of the following is not seen as an advantage to using generalized audit software (GAS)?
A)Auditors can learn the software in a short period of time.
B)It can be applied to a variety of clients after detailed customization.
C)It can be applied to a variety of clients with minimal adjustments to the software.
D)It greatly accelerates audit testing over manual procedures.

Accepted Answer

Generalized Audit Software (GAS) is designed to be flexible and adaptable to a wide range of clients and situations with minimal adjustments, making detailed customization (as mentioned in option B) not typically seen as an advantage. Instead, the ease of application across different clients with minimal changes (option C) is one of its key benefits.

Question 19

The assessment of control risk does not impact the testing of controls.

Accepted Answer

The assessment of control risk impacts the testing of controls. A higher assessment of control risk may require more extensive testing of controls, whereas a lower assessment may require less testing.

Question 20

When using the test data approach,
A)test data should include data that the client's system should accept or reject.
B)application programs tested by the auditor's test data must be different from those used by the client throughout the year.
C)select data may remain in the client system after testing.
D)None of the above statements is correct.

Accepted Answer

The purpose of the test data approach is to test the application's ability to accept or reject specific conditions. Therefore, the test data should include data that the client's system should accept or reject. B is incorrect because the application programs tested by the auditor's test data should be the same as those used by the client throughout the year to ensure accuracy in the testing process. C is incorrect because select data should be removed from the client's system after testing to avoid any interference with future transactions.

Quiz 12: Assessing Control Risk and Reporting on Internal Controls

If,when obtaining an understanding of control activities of a relatively small client,the auditor identified no control activities,the auditor would probably set a high assessment of control risk.

Describe three computer auditing techniques available to the auditor.

The embedded audit module approach requires the auditor to insert an audit module in the client's application system to to identify specific types of transactions.

Parallel simulation is used primarily to test internal controls over the client's IT systems,whereas the test data approach is used primarily for substantive testing.

In an audit of a nonpublic company,the less control risk there is,the smaller the amount of planned substantive evidence that is required.

Auditing by testing automated internal controls and account balances electronically,generally because effective general controls exist,is known as

The objective of the test data approach is to determine whether the client's computer programs can correctly process valid and invalid transactions.

The auditor obtains a sufficient understanding of internal control to assess the risk of material misstatement at the overall financial statement level and at the relevant assertion level.

The auditor's objective in determining whether the client's computer program correctly processes valid and invalid transactions is accomplished through the

When using the test data approach,

Which of the following computer-assisted auditing techniques inserts an audit module in the client's application system to identify specific types of transactions?

A company's size should have no impact on the nature of internal control and the controls that are implemented.

Auditors often use Generalized Audit Software during their testing of a client's internal controls.For the following uses of the software provide a description and an example. Verify extensions and footings Print confirmation requests Compare data on separate files

The procedures used to gain an understanding of internal control do not vary from client to client.

Control risk is generally set at minimum for most private companies.

Which of the following best describes the test data approach?

Discuss the advantages and benefits of using generalized audit software.

Which of the following is not seen as an advantage to using generalized audit software (GAS) ?

The assessment of control risk does not impact the testing of controls.

When using the test data approach,